<?php

class SessionController extends ApplicationController
{
	var $models = 'user';
	
	function login() {
	}
	
	function create() {
		//$this->redirectTo(array('action'=>'index', 'controller'=>'home'));
		if(empty($_SESSION['__CurrentUser'])){
            if($this->CurrentUser =& User::authenticate($this->params['email'], $this->params['password'])){
                $_SESSION['__CurrentUser'] = serialize($this->CurrentUser);
            } else {
            	$this->flash['info'] = "Error";
            }
        }else{
            $this->CurrentUser = unserialize($_SESSION['__CurrentUser']);
        }
        if($result = !empty($_SESSION['__CurrentUser'])){
            User::_setCurrentUser($this->CurrentUser);
            $this->flash['notice'] = "Bienvenido";
			$this->redirectTo(array('action'=>'index', 'controller'=>'home'));
        }
	}
	
	function logout() {
		User::_setCurrentUser(null);
		$this->redirectTo(array('action'=>'index', 'controller'=>'home'));
	}
	
	
	
	var $app_models = 'user';
    //var $protect_all_actions = true;
    var $protected_actions = ''; // You can protect individual actions;
    
    function __construct()
    {
        $this->beforeFilter('login');
        !empty($this->protected_actions) ? $this->beforeFilter('_protectAction') : null;
        !empty($this->protect_all_actions) ? $this->beforeFilter(array('_protectAllActions' => array('except'=>'action_privileges_error'))) : null;
    }


    function access_denied()
    {
        header('HTTP/1.0 401 Unauthorized');
        echo "HTTP Basic: Access denied.\n";
        exit;
    }

    function _protectAction()
    {
        $protected_actions = Ak::toArray($this->protected_actions);
        $action_name = $this->getActionName();
        if(in_array($action_name, $protected_actions)){
            $this->redirectTo(array('controller' => 'home', 'action'=>'protected_action'));
        }
    }

    function _protectAllActions()
    {
    	$this->redirectTo(array('action'=>'error_acceso', 'controller'=>'home'));
    }
}

?>
